Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
94d6181a by Salvatore Bonaccorso at 2026-03-08T17:44:50+01:00
Update status for CVE-2026-21619/{erlang-hex,rebar3}
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3286,7 +3286,12 @@ CVE-2026-21656 (Improper Control of Generation of Code
('Code Injection') vulner
CVE-2026-21654 (Improper Neutralization of Special Elements used in an OS
Command ('OS ...)
NOT-FOR-US: Johnson Controls
CVE-2026-21619 (Uncontrolled Resource Consumption, Deserialization of
Untrusted Data v ...)
- NOT-FOR-US: hexpm
+ - erlang-hex <unfixed>
+ - rebar3 <unfixed>
+ NOTE: https://github.com/advisories/GHSA-hx9w-f2w9-9g96
+ NOTE:
https://github.com/hexpm/hex_core/commit/cdf726095bca85ad2549d146df1e831ae93c2b13
(v0.12.1)
+ NOTE:
https://github.com/hexpm/hex/commit/636739f3322514e9303ca335fb630696fcbb3c95
(v2.3.2)
+ NOTE:
https://github.com/erlang/rebar3/commit/1d4478f527e373de0b225951e53115450e0d9b9d
(3.27.0)
CVE-2026-1627 (An attacker may exploit the use of outdated and weak MAC
algorithms in ...)
NOT-FOR-US: SICK AG
CVE-2026-1626 (An attacker may exploit the use of weak CBC-based cipher suites
in the ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/94d6181a6274d4c31912c5257af79c0723fa3784
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/94d6181a6274d4c31912c5257af79c0723fa3784
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
